Are BN.mont and BN.red interchangable?

[mattdean-digicatapult]

I'm having some issues using BN.mont in a project I'm working on, whereby under certain conditions it gives me different answers compared to when I use BN.red (documentation implies they're interchangable?). For example:

const BN = require('bn.js')

const a = new BN(0)
const b = new BN(0)
const m = new BN(100)

const redRed = BN.red(m)
const redMont = BN.mont(m)

const resMont = a.toRed(redMont).redPow(b).fromRed()
const resRed = a.toRed(redRed).redPow(b).fromRed()

console.log(resMont, resRed)

which outputs <BN: 18> <BN: 1>

I don't know if this is just a documentation issue (for example maybe BN.mont only produces the correct answer under certain undocumented conditions?) or if this is a genuine bug. It may also be that I've completely misunderstood how this works 😜

[s1na]

I faced the same issue here. As @cdetrio pointed out, BN.mont is choosing r as a power of 2, which means the modulus should be odd and greater than 3 to produce correct results.

In other words (if I haven't misunderstood), if modulus n is even, because r is a power of 2, gcd(r, n) != 1, which is a condition for the Montgomery multiplication.